package com.flx.sys.rbac;

import java.util.HashSet;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import org.springframework.context.annotation.Primary;
import org.springframework.security.core.Authentication;
import org.springframework.stereotype.Service;
import org.springframework.util.AntPathMatcher;
import com.flx.sys.jwt.dto.JwtUser;

@Primary
@Service("rbacService")
public class RbacServiceImpl implements RbacService {

	private AntPathMatcher antPathMatcher = new AntPathMatcher();

	@Override
	public boolean hasPermission(HttpServletRequest request, Authentication authentication) {
		boolean hasPermission = false;
		Object principal = authentication.getPrincipal();
		if (principal instanceof JwtUser) {
			String username = ((JwtUser) principal).getUsername();
			//读取用户所拥有的权限对应的所有url
			Set<String> urls = new HashSet<>();
			urls.add("/me");
			urls.add("/auth/**");
			for (String url : urls) {
				if (antPathMatcher.match(url, request.getRequestURI())) {
					hasPermission = true;
					break;
				}
			}
		}
		return hasPermission;
	}

}
